REMARKS 

The claims remaining in the present application are Claims 1-23. The 

Examiner is thanked for performing a thorough search. Claims 1,12 and 17 have 

been amended. No new matter has been added. For example, support for the 

amendments to independent Claims 1,12 and 17 can be found, among other 

places, in the last 4 lines of paragraph 0053 of the instant application serial no. 

10/769,594, which states, 

... a SharedCode Key List "PD-id1/PK5: PD-id2 /PK5:PD-id3/PK5" includes 
three domain identifier and SharedCode Key pairs separated by colons that 
may be associated with domain 6 to indicate that domain 1 , domain 2, and 
domain 3, must use PK5 to access the code C6B of domain 6. 

CLAIM REJECTIONS 
35 U.S.C. §102 

Claims 1-23 

Claims 1-23 are rejected under 35 U.S.C. §1 02(b) as being anticipated by 
U.S. Patent No. 6,125,447 by Gong et al. (referred to hereinafter as "Gong"). 
Applicants respectfully submit that embodiments of the present invention are neither 
taught nor suggested by Gong. 



Amended independent Claim 1 recites, 

A method of providing flexible protection in a computer system by 
decoupling protection from privilege, the method comprising: 

enabling receipt of information describing two or more types of 
protection; 

enabling receipt of information describing a relationship between said 
two or more types of protection and portions of code that are executed in a 
same privilege level of the computer system, wherein said relationship is not 
required to be linear; and 

enabling the association of said information describing said two or 
more types of protection and said information describing said relationship 
with said portions of code, wherein a first portion of code allowing a second 
portion of code to access the first portion of code does not depend on the 
second portion of code allowing the first portion of code to access the second 
portion of code. 

Gong does not teach or suggest, "enabling receipt of information describing 
a relationship between said two or more types of protection and portions of code 
that are executed in a same privilege level of the computer system, wherein said 
relationship is not required to be linear... wherein a first portion of code allowing a 
second portion of code to access the first portion of code does not depend on the 
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second portion of code allowing the first portion of code to access the second 
portion of code," as recited by Claim 1 . 

Referring to Col. 10 and Figure 2, Gong teaches using a code identifier 232 

associated with a class 260 to determine whether an object 262 that is an instance 

of that class 260 will be granted permission to access a file. For example, Col. 10 

lines 47-50 states, "There is only one permission associated with the code identifier 

'file/Zsomesource'-'somekey', which is a permission to write to any file in directory 

'Itmp/*'". From Col. 1 1 line 40 to Col. 13 line 22, Gong describes the execution of a 

thread. At Col. 11 lines 46-53, Gong states, 

For example, assume that a thread executes a.x (where "a" is an object and 
"x" is a method associated with object "a"). Assume that a.x invokes b.y 
which invokes c.z. While c.z is executing, the call stack will contain data 
identifying a.x, b.y, and c.z. AT this point, call stack 610 represents the 
calling hierarchy of the methods invoked by the thread but have not yet been 
completed by the thread. 

Gong also states at Col. 1 1 lines 55-58, 

Note that objects corresponding to the method invocations in the call stack 
are each associated with a protection domain. Object a is associated with 
protection domain I and object b and object c are associated with protection 
domain J. 

Gong states at Col. 12 lines 7-8, "Object a is requesting to write to file 

Vtmp/temporary'." Gong states at Col. 12 lines 30-35, 

A requested action is authorized if every protection domain associated with 
the objects represented by the call stack when the request for the requested 
action was made contains a permission authorizing the permission required 
to perform the requested action. 

According to this example, the request to access Vtmp/temporary' is denied (Col. 13 
lines 19-21) because referring to Fig. 6, although a.x maps to protection domain I, 
which permits write accessp to 7tmp/", b.y and c.z map to protection domain J, 
which do not permit write access to 7tmp/." Therefore, Gong pertains to portions of 
code (a.x. b.y, c.z) attempting to access data (/tmp/) where the portions of code 
depend on each. other for accessing the data. 

The Office Action asserts that Gong teaches "enabling receipt of information 
describing a relationship between said two or more types of protection and portions 
of code that are executed in a same privilege level of the computer system, wherein 
said relationship is not required to be linear" at Col. 9 lines 40-53. However, Col. 9 
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lines 40-53 are silent with respect to privilege levels and therefore cannot teach or 
suggest "enabling receipt of information describing a relationship between said two 
or more types of protection and portions of code that are executed in a same 
privilege level of the computer system, wherein said relationship is not required to 
be linear," (emphasis added) as recited by Claim 1 . 

Gong does not teach or suggest "wherein a first portion of code allowing a 
second portion of code to access the first portion of code does not depend on the 
second portion of code allowing the first portion of code to access the second 
portion of code," as recited by Claim 1 . For example, as already stated, Gong 
pertains to portions of code attempting to access data where the portions of code 
depend on each other for accessing the data. Therefore, Gong does not teach a 
first portion of code allowing a second of portion of code to access the first portion of 
code" let alone teach or suggest "wherein a first portion of code allowing a second 
portion of code to access the first portion of code does not depend on the second 
portion of code allowing the first portion of code to access the second portion of 
code." 

For at least these reasons, independent Claim 1 should be patentable. For 
similar reasons independent Claims 10, 12, 15 and 17 should also be patentable. 
Claims 2-9 depend on Claim 1 . Claim 1 1 depends on Claim 1 0. Claims 1 3-1 4 
depend on Claim 12. Claim 16 depends on Claim 15. Claims 18-23 depend on 
Claim 17. These dependent claims include all of the limitations of their respective 
independent claims. Further, these dependent claims include additional limitations 
which further make them patentable. For example, Gong does not teach "data 
associated with another domain" as recited by Claim 7. In another example, Gong 
does not teach "cross-domain switching" as recited by Claim 8. Therefore, these 
dependent claims should be patentable for at least the reasons that their respective 
independent claims should be patentable. 
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CONCLUSION 



In light of the above listed amendments and remarks, reconsideration of the 
rejected claims is requested. Based on the arguments and amendments presented 
above, it is respectfully submitted that Claims 1-23 overcome the rejections of record. 
For reasons discussed herein, Applicant respectfully requests that Claims 1-23 be 
considered be the Examiner. Therefore, allowance of Claims 1-23 is respectfully 
solicited. 

Should the Examiner have a question regarding the instant amendment and 
response, the Applicant invites the Examiner to contact the Applicant's undersigned 
representative at the below listed telephone number. 



Respectfully submitted, 
WAGNER BLECHER LLP 





Address: 



Westridge Business Park 
1 23 Westridge Drive 
Watsonville, California 95076 USA 



Telephone: 



(408) 377-0500 Voice 
(408) 234-3649 Direct/Cell 
(831)722-2350 Facsimile 
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